CVE-2023-38951

🗓️ 03 Aug 2023 00:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 112 Views🌐 WEB

A path traversal vulnerability in ZKTeco BioTime v8.5.

Reporter	Title	Published	Views	Family All 20
0day.today	BioTime Directory Traversal / Remote Code Execution Exploit	1 Apr 202400:00	–	zdt
BDU FSTEC	The vulnerability of the SFTP Secure File Transfer Protocol implementation in the BioTime time management web platform allows a violator to write arbitrary files.	7 Aug 202300:00	–	bdu_fstec
Circl	CVE-2023-38951	5 May 202517:48	–	circl
CNNVD	ZKTeco BioTime Path Traversal Vulnerability	3 Aug 202300:00	–	cnnvd
Cvelist	CVE-2023-38951	3 Aug 202300:00	–	cvelist
EUVD	EUVD-2023-42711	3 Oct 202520:07	–	euvd
Nuclei	ZKTeco BioTime <= 9.0.1 - Privilege Escalation	22 Jun 202605:20	–	nuclei
NVD	CVE-2023-38951	3 Aug 202323:15	–	nvd
OSV	CVE-2023-38951	3 Aug 202323:15	–	osv
Packet Storm	BioTime Directory Traversal / Remote Code Execution	1 Apr 202400:00	–	packetstorm

NVD

Node

zkteco biotimeMatch8.5.5

Source	Link
zkteco	www.zkteco.com/en/announcement
claroty	www.claroty.com/team82/disclosure-dashboard/cve-2023-38951
krashconsulting	www.krashconsulting.com/fury-of-fingers-biotime-rce/
zkteco	www.zkteco.com/en/ZKBio_Time/ZKBioTime
github	www.github.com/omair2084/biotime-rce-8.5.5/blob/main/biotime_enum.py
zkteco	www.zkteco.com/
sploitus	www.sploitus.com/exploit

Parameter	Position	Path	Description	CWE
SN	query param	iclock/file?SN=win&url=/../../../../../../../../windows/win.ini	Directory traversal to read system file via iclock/file endpoint	CWE-22
url	query param	iclock/file?SN=win&url=/../../../../../../../../windows/win.ini	Directory traversal to read system file via iclock/file endpoint	CWE-22
SN	query param	iclock/file?SN=att&url=/../../../../../../../../biotime/attsite.ini	Directory traversal to read BioTime config file via iclock/file endpoint	CWE-22
url	query param	iclock/file?SN=att&url=/../../../../../../../../biotime/attsite.ini	Directory traversal to read BioTime config file via iclock/file endpoint	CWE-22
SN	query param	iclock/file?SN=att&url=/../../../../../../../../zkbiotime/attsite.ini	Directory traversal to read BioTime config file via iclock/file endpoint (non-default path)	CWE-22
url	query param	iclock/file?SN=att&url=/../../../../../../../../zkbiotime/attsite.ini	Directory traversal to read BioTime config file via iclock/file endpoint (non-default path)	CWE-22
host	request body	base/sftpsetting/add/	Add SFTP settings susceptible to manipulation leading to RCE	CWE-22
port	request body	base/sftpsetting/add/	Add SFTP settings susceptible to manipulation leading to RCE	CWE-22
is_sftp	request body	base/sftpsetting/add/	Add SFTP settings susceptible to manipulation leading to RCE	CWE-22
user_name	request body	base/sftpsetting/add/	Add SFTP settings susceptible to manipulation leading to RCE	CWE-22

17 Jun 2026 06:11Current

9.6High risk

Vulners AI Score9.6

CVSS 3.19.8

EPSS0.03197

SSVC

cve-2023-38951 zkteco biotime path traversal vulnerability sftp configuration nvd